Sophos at Infosec 2015: Attack demonstrations, intelligent security, crypto explained and more

infosecurity-europe-2015Europe’s biggest security event is upon us. If you’re attending Infosecurity Europe 2015, we hope you’ll join us at stand D260 to check out our great products, grab one of our cool giveaways, and see entertaining presentations from our respected experts.

One of our top experts will also be featured on the keynote stage, where James Lyne, Sophos global head of security research, will show you live attack demonstrations in his talk “How to Hack an Enterprise: Exploitation for Beginners.” James is also a member of the advisory board for the Intelligent Defence technical research conference taking place alongside Infosec.

The theme of Infosec this year is “Intelligent Security: Protect. Detect. Respond. Recover.” We agree that security should be intelligent – that’s why Sophos products are designed to prevent attacks based on suspicious behaviors, and detect and isolate infections when they do happen.

Continue reading

Which countries top the new Dirty Dozen spam list?

spamp-2015-q1-150SophosLabs tracks huge volumes of spam from around the world, and once in a while we pause to take a look at the countries sending the most spam  – we call it our Dirty Dozen Spampionship.

In the results for the most recent quarter (January, February and March 2015), we found that the biggest spam-relaying country in the world is the United States, once again. Vietnam has climbed to number two, followed by Ukraine, Russia, South Korea, and China rounding out the top six.

Check out the rest of the list and you see some familiar places and some countries that come and go from the Dirty Dozen:

Continue reading

Get all the buzz from our experts at RSA

rsa-conference-2015If you couldn’t make it to San Francisco for RSA Conference, we’re bringing you great content and news from the event on our blogs and social media channels.

We also broadcasted from RSA via podcast – bringing you the expert opinions of our top security gurus, who took time away from their presentations and booth talks to reflect on the interesting themes and serious discussions happening at the conference.

There’s so much going on in the security world, and Sophos experts cut through the noise succinctly and intelligently in our (brief, informative, fun) podcasts.

Continue reading

Here’s what Sophos is talking about at RSA Conference 2015

Sophos at RSAIT professionals, security vendors, and the media all converge at RSA Conference 2015 in San Francisco the week of April 20-24th, where Sophos is well represented by our security experts and our great staff.

We’re presenting some new research at the show, so you won’t want to miss our live demonstrations. We’re also sharing all the news from RSA on social media, providing in-depth coverage on Naked Security, and podcasting from the event!

What are we talking about at RSA? Here’s a rundown of the big topics Sophos security experts are exploring.

Continue reading

Who will cybercriminals target next? (Video)

james-lyne-150Who will cybercriminals target next? James Lyne, Sophos global head of security research, says gangs are creating new ways to attack ever more victims, and improving on the old ways to make more money.

In a new video from the Wall Street Journal, James sounds off on recent and emerging trends in cybercrime, and talks about what’s coming next for security of the Internet of Things (IoT).

Continue reading

Don’t believe these four myths about Linux security

Linux security mythsWe are well into the 21st century, but it is astonishing how people can still believe that Linux-based operating systems are completely secure. Indeed, “Linux” and “security” are two words that you rarely see together.

Just as some people believe Macs are immune to viruses, some Linux users have the same misconception – and who can blame them? After all, vendors have been telling them that for years.

In 2012, after an exponential rise of OS X malware (such as MacDefender and Flashback), Apple decided to change its homepage by removing sentences like “It doesn’t get PC viruses.”

Continue reading

SophosLabs research uncovers new developments in PlugX APT malware

SophosLabsThe notorious PlugX APT group is continuing to evolve and launch campaigns, most recently a five-month-long campaign targeting organizations in India.

PlugX now uses a new backdoor technique – hiding the payload in the Windows registry instead of writing it as a file on disk – according to a new technical paper from SophosLabs Principal Researcher Gabor Szappanos.

Although not unique to PlugX, this backdoor approach is still uncommon and limited to a few relatively sophisticated malware families.

Continue reading